Skip to content

Commit

Permalink
Fix use-after-free in isolate_sandbox.cpp
Browse files Browse the repository at this point in the history
  • Loading branch information
@rqu
rqu authored and Martin Kruliš committed Jan 4, 2021
1 parent 1f47051 commit 1eaf003
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/sandbox/isolate_sandbox.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ void isolate_sandbox::isolate_init_child(int fd_0, int fd_1)

args[0] = isolate_binary_.c_str();
args[1] = "--cg";
args[2] = ("--box-id=" + std::to_string(id_)).c_str();
args[2] = strdup(("--box-id=" + std::to_string(id_)).c_str());
args[3] = "--init";
args[4] = NULL;

Expand Down Expand Up @@ -198,7 +198,7 @@ void isolate_sandbox::isolate_cleanup()
const char *args[5];
args[0] = isolate_binary_.c_str();
args[1] = "--cg";
args[2] = ("--box-id=" + std::to_string(id_)).c_str();
args[2] = strdup(("--box-id=" + std::to_string(id_)).c_str());
args[3] = "--cleanup";
args[4] = NULL;
// const_cast is ugly, but this is working with C code - execv does not modify its arguments
Expand Down

0 comments on commit 1eaf003

Please sign in to comment.